Bugtraq mailing list archives
Re: Redir games with ARP and ICMP
From: rhialto () POLDER UBC KUN NL (Olaf Seibert)
Date: Tue, 23 Sep 1997 18:36:03 +0200
John Goerzen wrote:
Having anticipated such a problem already (in our envoronment, there are many lab machines which have NFS access to user disks on a server. These machines may even be turned OFF which makes it easy for a spoofer to get in.), I wrote a short Perl script designed to be run from the system startup file. Basically, it "primes" the ARP cache on Linux with the IP and MAC addresses of known machines, setting a flag so that they are never removed from the cache and can never be changed. The config file format is simple -- IP address followed by MAC address, separated by whitespace. Pound at the beginning of a line indicates comment.
This has only been tested on Linux -- people on other platforms may need to adjust the parameters to arp in the system call.
Some systems (notably BSD variants) have the arp -f option: -f Causes the file filename to be read and multiple entries to be set in the ARP tables. Entries in the file should be of the form hostname ether_addr [temp] [pub] with argument meanings as given above. -Olaf. -- ___ Olaf 'Rhialto' Seibert D787B44DFC896063 4CBB95A5BD1DAA96 \X/ It's not easy having a good time rhialto () polder ubc kun nl
Current thread:
- Re: Redir games with ARP and ICMP der Mouse (Sep 20)
- <Possible follow-ups>
- Re: Redir games with ARP and ICMP Olaf Seibert (Sep 23)
- Re: Redir games with ARP and ICMP Neil J Long (Sep 24)